CVE-2011-0216

Published: 21 July 2011

Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted web site.

Priority

Status

Package	Release	Status
libxml2 Launchpad, Ubuntu, Debian	hardy	Released (2.6.31.dfsg-2ubuntu1.7)
	lucid	Released (2.7.6.dfsg-1ubuntu1.3)
	maverick	Released (2.7.7.dfsg-4ubuntu0.3)
	natty	Released (2.7.8.dfsg-2ubuntu0.2)
	oneiric	Released (2.7.8.dfsg-4ubuntu0.1)
	upstream	Released (2.7.8.dfsg-5.1)
	Patches: upstream: http://git.gnome.org/browse/libxml2/commit/?id=69f04562f75212bfcabecd190ea8b06ace28ece2

References

https://ubuntu.com/security/notices/USN-1334-1
https://www.cve.org/CVERecord?id=CVE-2011-0216
NVD
Launchpad
Debian

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.